PeerBlock: avoid detection when downloading from torrent or p2p networks

PeerBlock is an open source IP filtering application partially based on the PeerGuardian code. It is designed to prevent your computer from making undesirable connections, such as to machines flagged for anti p2p activities, corporations, governments, etc.

This can significantly decrease your chances of being detected when downloading from p2p or Torrent networks, or of contracting malware/spyware from known sources. PeerBlock is available in portable form and works with all versions of Windows (including XP, Vista, Seven).

If you’ve ever read or heard about ordinary people being sued for downloading files from torrent or other p2p networks, and worried about your own downloading activities, this program is for you.

Typically, agencies that are out to detect people’s downloading activity will actually take part in providing the file for download, then attempt to find out as much information about the computers that connect to them as possible.

How it works:

PeerBlock taps into publicly available lists that classify IP addresses and simply avoids the “bad” ones. It draws on the collective wisdom of communities and sites that classify IP addresses (go here for more on where these lists come from). It works in much the same way as a virus killer program in that it constantly updates its lists of known “bad” IP addresses as more of these come into existence.

What kind of protection to expect:

In keeping with the virus killer analogy above, PeerBlock will not necessarily protect you from the latest unknown threat or bad IP, but it will greatly decrease your chances of being detected. Moreover (and this is where the virus killer analogy ends), PeerBlock will make you harder to detect compared to others on the network; the PeerBlock documentation cites the so-called “bear principle”: “when running away from an angry bear you don’t need to be faster than that bear … you only need to be faster than the guy next to you”. The PeerBlock site also states that “the only way to be safe with P2P downloading is to not share copyrighted content!”.
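The range lookup behind this kind of list-based filtering, as an added example (not PeerBlock's own code): it parses the plain-text `label:start-end` format used by PeerGuardian-style lists, merges overlapping ranges, and checks an address against them. The list entries are constructed and use documentation address ranges; an address that is not on the list simply passes, which is the limit described above.

```python
import bisect
import ipaddress

# Constructed sample in the PeerGuardian-style text format: label:start-end.
# Labels and ranges are invented (RFC 5737 documentation addresses).
SAMPLE_LIST = """\
# constructed sample, not a real blocklist
Example Monitoring Co:192.0.2.0-192.0.2.127
Example Monitoring Co (overlap):192.0.2.100-192.0.2.255
Example Ad Network:198.51.100.16-198.51.100.31
this line is malformed and is skipped
"""

def parse_p2p(text):
    """Return sorted, non-overlapping [(start_int, end_int, label)] ranges."""
    ranges = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        # Labels may themselves contain ':', so split on the last one.
        label, sep, span = line.rpartition(":")
        start, _, end = span.partition("-")
        try:
            lo = int(ipaddress.IPv4Address(start.strip()))
            hi = int(ipaddress.IPv4Address(end.strip()))
        except ValueError:
            continue  # malformed entry: skip it rather than abort the load
        if sep and lo <= hi:
            ranges.append((lo, hi, label))
    ranges.sort()
    merged = []
    for lo, hi, label in ranges:
        if merged and lo <= merged[-1][1] + 1:
            # Overlapping or adjacent: extend the previous range.
            first_lo, prev_hi, first_label = merged[-1]
            merged[-1] = (first_lo, max(prev_hi, hi), first_label)
        else:
            merged.append((lo, hi, label))
    return merged

def lookup(merged, addr):
    """Return the label of the range containing addr, or None if unlisted."""
    ip = int(ipaddress.IPv4Address(addr))
    # Index of the last range whose start is <= ip.
    i = bisect.bisect_right(merged, (ip, float("inf"), "")) - 1
    if i >= 0 and merged[i][0] <= ip <= merged[i][1]:
        return merged[i][2]
    return None
```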

Ease of Use:

What I really like about PeerBlock is that it is very easy to use; all you need to do is run it and specify what kinds of “lists” you would like to be protected from (P2P, Spyware, Advertising, or Education/Universities) and that’s it. It now runs in the background, preventing your computer from connecting to known bad sources, not just for torrent or p2p networks but (optionally) for general web usage as well. It will also periodically auto-update the lists that it needs to do its job.

Program options:

You can enable or disable PeerBlock at will. You can also set up your own lists if you are so inclined as well as use PeerBlock to block custom IP ranges that you set up (such as the IP range of entire countries). You can allow or disallow IP filtering for HTTP access as well (i.e. regular browsing).

PeerBlock vs. PeerGuardian:

PeerBlock is based on the code from PeerGuardian (v. PG2 RC1 Test3). I would recommend using PeerBlock because it (a) is under development, (b) does not suffer from the kind of bugs that PeerGuardian had, and (c) most importantly, runs on XP, Vista, and Windows 7 without a hitch. You cannot run both simultaneously.

The verdict:

Convenient, easy to use, and might just save your bacon. Download it and be safe.

Thanks so much for writing about this program. I’ve been having a lot of trouble with PeerGuardian recently, especially the lists not getting downloaded correctly. It’s nice to see someone else picking up development where they left off.

To be honest there is no real reason for this program to be constantly running. Most P2P programs have an IP filter list that this program could quite easily just update when you run it much the way SpyBlaster does for web browsers. At present I just download the iptable files from http://bit.ly/uUnQw and put it in my uTorrent folder.

Peter

Found the program a few months ago, but now that they have the signed driver, it can finally be used on Windows 7 64 bit 🙂 And keeping it running is actually not a bad idea: I am amazed how much it filters out. All kinds of MediaSentry pings etc.

Still, it’s great, yet still only a thin layer of security, so don’t put too much faith in it either 🙂

jfjb

You go, Samer!

I second your opinion all the way, and then some. One more necessity out of the (search) way.

No need to mention the super light and powerful µTorrent, right?

Surf’s up, dudes and dudettes!

WolvenSpectre

There is a good reason for one of these programs all the time and it is one not listed in the article which is a real shame. That is to protect yourself from attacks and malware.

I have been a PeerGuardian2 user for some time and have a personal story about why I run it all the time unless I have to temporarily disable it because of conflicts.

I was sent a legitimate file from a friend across the country and it was a DVD of mostly junk and funny things he’d accumulated. To download it it was too big for the email middleman services and Pando, so I asked him to torrent it. To save me download time he made an image file using some commercial shareware program that compressed the image into a proprietary format I had never seen.

After some research I found out what I needed to open it, and that it was pay. I went to the site and their trial version link was down. A moderator told me to download it from their torrent tracker and I did.

That was a mistake. The link went to a pirated version with a little extra payload inside posted on SumoTorrents (had never heard of them). Apparently the board’s posts were hacked.

When installed the malware called the mothership through port 80 and said “I’m here!!!” and then another part executed some code then tried to connect back to a bot net as a zombie, probably awaiting orders.

Peer Guardian stopped that. The mothership was trying to contact their malware and Peer Guardian blocked that because it already had the mothership’s IP ranges. They were both using known malware sites, but a range of addresses I had added to avoid a certain known source of unauthorized hardware and software scans.

I couldn’t get rid of the malware, and to add insult to injury the Disk Imaging Software didn’t work on the image I downloaded. I was unable to rebuild my machine for a week so I watched as the mothership and the malware would try again and again and fail to get past peer guardian. Then it got really malicious.

I then suffered a DDoS attack on my personal computer from hundreds if not a thousand IP addresses all co-ordinated to flood my bandwidth and contact the malware.

I then went back in my logs to grep who was sending this originally and to my surprise I found out publicly who owned the mothership, and it was an American Company that was fairly well known at the time. I don’t want to mention names but let’s just say the media industries were very familiar with this company and its practices.

I am Canadian and if I had taken this to the police with the evidence I had, I could technically have had the owners of the company extradited because of the cybersecurity laws on both sides of the border at the time. I really didn’t want to get pulled into that so I got a new IP and Network Card (They targeted my MAC too).

I haven’t told people online the name of the company because I want to avoid lawsuits and accusations, but PeerGuardian 2 saved my butt on several occasions.

WolvenSpectre, your American company that you could have taken to the police probably suffers from the very same trojan that attempted to take over your computer. There are script kiddies all over the world that have very large networks of bots, and they use these machines to go after other machines. But go ahead, run down to the police, and then tell them that you stole the “shareware” from a torrent site, and see how quickly they go after your vicious American attacker.

Good luck.

Samer

@ WolvenSpectre: thanks for sharing this story. Wow.. what a malicious scheme you stumbled into. It is true that I de-emphasized the anti malware aspect of this program in favor of the “downloading torrents without detection” part (although I did mention the anti malware/antispyware function both in the description and again in the body of the text). The reason for this is that this is my primary interest in this software, and I expected that that would be the draw for most readers as well.

PeerBlock lets you control who your computer “talks to” on the Internet. By selecting appropriate lists of “known bad” computers, you can block communication with advertising or spyware oriented servers, computers monitoring your p2p activities, computers which have been “hacked”, even entire countries! They can’t get in to your computer, and your computer won’t try to send them anything either.

And best of all, it’s free!

Sadies1010

Just installed Peer Blocker. Any way to find out what IPs connected to me prior to the installation?

Dan

Sadies1010, nah man. There isn’t a way to find out. But if you want to see the IPs that have been blocked and/or allowed following the installation, check your PeerBlock log.

Toni

I used PeerGuardian in the past in connection with both Limewire and Frostwire. I never had any trouble but when I looked at the list of sources it blocked there seemed to be a lot of organisations and companies on it which tried to track illegal downloads. I don’t know about PeerBlock but PeerGuardian had to be switched off when surfing the internet. It slowed down browsing or blocked sites for no apparent reason.

Predator

@6 Dick.

“But go ahead, run down to the police, and then tell them that you stole the “shareware” from a torrent site, ”

You are really really a dick head are you?

he did not steal the shareware you moron! I don’t think you know what a shareware is.

You are one of the worst idiots that humanity ever generated.

none

Funny that this very website triggers Anti-P2P connections that are blocked by PeerBlock… 75.101.212.227:80 184.73.55.124:80

Joshua

Does this app reduce my torrent download speed?

Joshua

@Predator: Dick has a point, man, in torrent there’s no shareware or trial, coz “all” apps there are packed with the crack.

Ddy

At Predator:

LOLOL, I think you’re the one not getting it. Dick put the quotations around shareware for a reason, which is usually to imply that someone is calling something that which it is not. It’s commonly used to describe politically correct terminology because political correctness causes politicians to use words that have little to no direct accuracy and often imply things that are, in truth either partially or totally false. People hate hearing the truth when that truth is personal and forces them to acknowledge a reality they’ve been pretending doesn’t exist. Democrats and Liberal media excel at Political Correctness.

Dick is implying that WolvenSpectre, cool name btw, is calling it shareware when it’s actually not shareware. I mean, and probably Dick did too, if it were actually shareware, then why is it being torrented? I know I’ve seen some shareware and freeware available on torrent sites, but who’s stupid enough to take chances like that when you can go to other more safe websites to download it like Sourceforge, download.cnet, e.t.c… if indeed it is the shareware version?

Don’t get me wrong, I’m not saying that I agree with Dick because he may be wrong, but on the other hand, it’s easy not to tell the whole truth online when it’s insignificant regarding the actual message the person is trying to get across.

I find that people usually know what they’re talking about even when it first seems that they don’t, and it only requires that I be willing to look at what they’re saying more objectively to see if there is something that perhaps I’m missing about what they’re saying.

Redpill

scam, bitches an entire government agency could not keep an up-to-date and accurate list from a pool of 4 Billion addresses that can change ownership daily. PB disables windows driver verifier leaving your ass wide open. PB firewall 1st Gen (old) packet filter vs Windows built-in 3rd gen (newest) firewall. Notice the scammers don’t offer a way to add the list to windows firewall. Oh and you have to subscribe for the bogus anti-p2p list. Anti-p2p can monitor you indirectly without even using their own ip. PB can drop a zero-day trojan on your machine, use it for a botnet. You would be better off using their list to pick lotto numbers.

Rob

Calling PeerGuardian “under development” is generous for a last update of 3 years ago.

Rob

I’d delete my comment if I could. Something short-circuited here :>

Wesley

PeerBlock with blocklists not updated is useless, try get powerful updated blocklist at http://ipfilterx.com